Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/20ff0f-618f-4cb6-bc7f-6541977f65f9/1/EyfCRPBWNcK6m5Q1ifapV2ph8nc.roa
File: EyfCRPBWNcK6m5Q1ifapV2ph8nc.roa (raw, json)
Hash identifier: 3aZQ7bjE8hUNHUOaE+czv2hnCpPbTmXI8kcrJDS7580=
Subject key identifier: 13:27:C2:44:F0:56:35:C2:BA:9B:94:35:89:F6:A9:57:6A:61:F2:77
Certificate issuer: /CN=0962dc6940760b7fbc2ea4367cc53bc230a64f9b
Certificate serial: 018E37EB345784C8F652B510DE1F47AED11B
Authority key identifier: 09:62:DC:69:40:76:0B:7F:BC:2E:A4:36:7C:C5:3B:C2:30:A6:4F:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWLcaUB2C3-8LqQ2fMU7wjCmT5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/20ff0f-618f-4cb6-bc7f-6541977f65f9/1/EyfCRPBWNcK6m5Q1ifapV2ph8nc.roa
Signing time: Wed 13 Mar 2024 13:05:45 +0000
ROA not before: Wed 13 Mar 2024 13:05:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31275
IP address blocks: 83.220.64.0/19 maxlen: 19
83.220.64.0/24 maxlen: 24
83.220.65.0/24 maxlen: 24
83.220.66.0/24 maxlen: 24
83.220.67.0/24 maxlen: 24
83.220.68.0/24 maxlen: 24
83.220.69.0/24 maxlen: 24
83.220.70.0/24 maxlen: 24
83.220.71.0/24 maxlen: 24
83.220.72.0/24 maxlen: 24
83.220.73.0/24 maxlen: 24
83.220.74.0/24 maxlen: 24
83.220.75.0/24 maxlen: 24
83.220.76.0/24 maxlen: 24
83.220.77.0/24 maxlen: 24
83.220.78.0/24 maxlen: 24
83.220.79.0/24 maxlen: 24
83.220.80.0/24 maxlen: 24
83.220.81.0/24 maxlen: 24
83.220.82.0/24 maxlen: 24
83.220.83.0/24 maxlen: 24
83.220.85.0/24 maxlen: 24
83.220.86.0/24 maxlen: 24
83.220.87.0/24 maxlen: 24
83.220.88.0/24 maxlen: 24
83.220.89.0/24 maxlen: 24
83.220.90.0/24 maxlen: 24
83.220.91.0/24 maxlen: 24
83.220.92.0/24 maxlen: 24
83.220.93.0/24 maxlen: 24
83.220.94.0/24 maxlen: 24
83.220.95.0/24 maxlen: 24
2a04:e380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/20ff0f-618f-4cb6-bc7f-6541977f65f9/1/CWLcaUB2C3-8LqQ2fMU7wjCmT5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/20ff0f-618f-4cb6-bc7f-6541977f65f9/1/CWLcaUB2C3-8LqQ2fMU7wjCmT5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/CWLcaUB2C3-8LqQ2fMU7wjCmT5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:37:eb:34:57:84:c8:f6:52:b5:10:de:1f:47:ae:d1:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0962dc6940760b7fbc2ea4367cc53bc230a64f9b
Validity
Not Before: Mar 13 13:05:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1327c244f05635c2ba9b943589f6a9576a61f277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2e:10:8d:9e:ce:2a:24:92:54:59:63:87:4c:
76:ee:0b:27:3f:c4:31:48:e5:bc:79:b8:fb:56:13:
d6:86:78:c2:6b:a8:e6:e1:82:d0:8d:ae:3a:f3:5f:
7f:7e:dc:c2:1c:e4:73:c7:14:38:f6:aa:d2:58:45:
ab:f1:67:cf:32:15:81:2a:71:30:7d:fe:b5:99:41:
44:f1:5a:1a:4e:ca:d7:ae:27:55:ba:cc:92:cb:4b:
69:c0:44:2f:6c:a1:aa:05:4f:15:12:f6:30:27:32:
36:c5:78:85:47:9c:2b:bd:47:7d:57:51:b9:db:ad:
58:3e:0a:21:bd:d4:52:fa:b1:5c:f0:b0:78:a1:46:
ca:a6:23:c0:83:45:01:76:a3:d0:03:ed:46:fd:fa:
87:dc:bc:8d:c0:ea:eb:65:c3:ba:d7:f9:fe:ff:91:
9f:a0:95:b9:07:1d:43:e9:a0:a2:15:ae:67:fb:22:
09:81:53:90:30:ae:06:6b:2e:40:c9:db:62:cb:a7:
7f:86:ec:a5:e5:1a:16:ae:17:5a:6c:65:35:f2:64:
70:90:50:68:56:b9:90:7f:46:45:38:4e:0e:94:6c:
56:e2:bb:aa:5e:fc:fb:3e:b8:85:63:5d:7e:2f:7f:
24:97:da:fd:73:1b:ba:42:53:a6:2d:dc:51:12:fd:
c0:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:27:C2:44:F0:56:35:C2:BA:9B:94:35:89:F6:A9:57:6A:61:F2:77
X509v3 Authority Key Identifier:
keyid:09:62:DC:69:40:76:0B:7F:BC:2E:A4:36:7C:C5:3B:C2:30:A6:4F:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWLcaUB2C3-8LqQ2fMU7wjCmT5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/20ff0f-618f-4cb6-bc7f-6541977f65f9/1/EyfCRPBWNcK6m5Q1ifapV2ph8nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/20ff0f-618f-4cb6-bc7f-6541977f65f9/1/CWLcaUB2C3-8LqQ2fMU7wjCmT5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.220.64.0/19
IPv6:
2a04:e380::/29
Signature Algorithm: sha256WithRSAEncryption
c2:a3:cb:2a:06:1b:8b:72:54:36:6c:05:97:5e:e2:46:e8:77:
85:d0:42:a6:ae:7e:c1:15:ae:d6:f5:2f:d8:78:9d:7b:39:32:
b8:ae:ea:d8:42:1e:2c:cd:ae:dc:a7:4a:bd:5b:4f:7a:fe:57:
5c:80:15:d5:04:b1:28:85:b3:1d:ce:8f:f3:b6:60:cf:f3:b8:
3b:00:89:4d:a0:5b:b6:33:4f:a7:13:60:d7:e1:9e:4c:db:26:
77:81:c3:84:85:41:75:3b:93:fa:a6:3c:3c:ae:24:46:03:11:
f0:ca:a9:cd:3e:89:6f:b5:0d:89:26:3a:9a:90:08:ba:4f:c0:
72:f4:6f:43:66:41:72:5c:ba:85:f6:d6:91:fd:e5:4c:e3:7b:
ce:6a:4e:61:7c:39:08:12:84:dd:c2:80:1d:82:6f:e6:83:dd:
78:a9:ee:37:35:fa:b4:03:0a:ff:cd:0b:a9:15:9c:29:47:35:
c4:de:fe:44:0f:2e:2b:31:00:e2:69:51:e0:da:43:46:c0:3f:
1f:35:54:d6:8a:79:5b:8b:38:be:1f:1c:ad:88:08:f4:dd:c0:
af:13:0f:24:ea:c2:ff:fd:56:6a:48:b4:20:21:62:f6:ac:99:
16:2d:3a:ad:da:ab:df:e1:a3:e1:db:e5:01:85:03:46:5f:87:
c1:f2:42:bd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY436zRXhMj2UrUQ3h9HrtEbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjJkYzY5NDA3NjBiN2ZiYzJlYTQzNjdjYzUzYmMyMzBh
NjRmOWIwHhcNMjQwMzEzMTMwNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzI3YzI0NGYwNTYzNWMyYmE5Yjk0MzU4OWY2YTk1NzZhNjFmMjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtC4QjZ7OKiSSVFljh0x27gsnP8Qx
SOW8ebj7VhPWhnjCa6jm4YLQja46819/ftzCHORzxxQ49qrSWEWr8WfPMhWBKnEw
ff61mUFE8VoaTsrXridVusySy0tpwEQvbKGqBU8VEvYwJzI2xXiFR5wrvUd9V1G5
261YPgohvdRS+rFc8LB4oUbKpiPAg0UBdqPQA+1G/fqH3LyNwOrrZcO61/n+/5Gf
oJW5Bx1D6aCiFa5n+yIJgVOQMK4Gay5Aydtiy6d/huyl5RoWrhdabGU18mRwkFBo
VrmQf0ZFOE4OlGxW4ruqXvz7PriFY11+L38kl9r9cxu6QlOmLdxREv3A0wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBMnwkTwVjXCupuUNYn2qVdqYfJ3MB8GA1UdIwQY
MBaAFAli3GlAdgt/vC6kNnzFO8Iwpk+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1dMY2FVQjJDMy04THFRMmZNVTd3akNtVDVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yMGZmMGYtNjE4Zi00Y2I2LWJjN2Yt
NjU0MTk3N2Y2NWY5LzEvRXlmQ1JQQldOY0s2bTVRMWlmYXBWMnBoOG5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yMGZmMGYtNjE4Zi00Y2I2LWJjN2YtNjU0MTk3N2Y2NWY5
LzEvQ1dMY2FVQjJDMy04THFRMmZNVTd3akNtVDVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFU9xAMA0E
AgACMAcDBQMqBOOAMA0GCSqGSIb3DQEBCwUAA4IBAQDCo8sqBhuLclQ2bAWXXuJG
6HeF0EKmrn7BFa7W9S/YeJ17OTK4rurYQh4sza7cp0q9W096/ldcgBXVBLEohbMd
zo/ztmDP87g7AIlNoFu2M0+nE2DX4Z5M2yZ3gcOEhUF1O5P6pjw8riRGAxHwyqnN
PolvtQ2JJjqakAi6T8By9G9DZkFyXLqF9taR/eVM43vOak5hfDkIEoTdwoAdgm/m
g914qe43Nfq0Awr/zQupFZwpRzXE3v5EDy4rMQDiaVHg2kNGwD8fNVTWinlbizi+
HxytiAj03cCvEw8k6sL//VZqSLQgIWL2rJkWLTqt2qvf4aPh2+UBhQNGX4fB8kK9
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:47:21 2024 by rpki-client on console-fra.rpki-client.org